The OneTrust Privacy Automation solution is used to simplify compliance, improve operational efficiency, and enable risk-informed decisions.
N/A
SAI360
Score 7.1 out of 10
N/A
SAI360 merges GRC software and Ethics & Compliance Learning to enhance risk management. Its scalable solutions have supported global organizations for 25+ years.
First, when we compare OneTrust Privacy and Data Governance Cloud to the software I mentioned above, OneTrust Privacy and Data Governance Cloud software was way more affordable than the other 2. Also, along with the other 2 software, OnTrust was one of the most user friendly …
When we started looking at privacy management tools, OneTrust stood out in its ability to streamline compliance globally where it's not just siloed to one department or one location. The convenience of OneTrust is that it is very flexible and the beauty of the platform is how …
OneTrust has outstanding policy management, which equips every employee with the right direction in terms of understanding and compliance. Further, the scanning of the website remains vital and resourceful, as it gives proper management of the cookies. Again, OneTrust the …
OneTrust was the chosen platform after an extensive evaluation process that commenced with RFPs (Request For Proposal) issued to about 30 companies with similar services.
We evaluated Clarip, but it is not showing up on this list. It is a similar solution to OneTrust but provides a much more broad scope including full automation of processes to delete and access customer information based on requests. They were exponentially more expensive than …
Archer was very similar to SAI360 in cost and features. Has a more modern look and feel and more task functionality. The price point was very similar. Didn't choose them as our existing usage is in an On-Prem version and support from our in-house IT team was not able to be …
Wasn't personally involved in the vendor selection process. I am aware that one of the main drivers for selecting BWise was cost (I believe BWise total project cost was several times lower than MetricStream's).
OneTrust offers the monitoring, the assessment, and the verification process of data, a formal way of ensuring the results outlined are correct, understandable, and confined. Besides, the policy and the website scanners from OneTrust are incredible, virtual, and concrete. Besides, OneTrust outlines the risk management options, with the customer mapping and taking the required assessments. Lastly, websites and cookies are efficiently scanned and made efficient for concrete business management.
The usage of ROAM, as well as the integration of external programmes through API and import functions, has almost reduced duplication of work. One thing to keep in mind is that your use cases must be very clear. There are a lot of SAI solutions, and their titles don't always correspond to what they actually perform.
Internal Quality Check. I think this is the most prominent area BWise should improve on. Currently they lack internal Quality Check/Review.
Internal dialogue among employees. When various consultants are involved in the same project, their communication and updating each-other could be a bit stronger.
Inclusion of content. The application could benefit considerably from including some out-of-the-box content (e.g. COSO principles, Risk catalogs, etc.).
Risk Workshop functionality. This is one of the main functionalities that allows integration among different areas of an organization. However, it comes pretty much "take it or leave it"; it's almost not customizable.
Consultants' transparency. When an organization requests a particular design of the application or solicits changes to such design, it would be great if BWise consultants could always and more thoroughly advise on the implications of these changes, design to the organization's strategic objectives and ultimate target.
Product features. Application has room for improving its programming, e.g. providing internal checks when creating/answering an issue/finding (for instance, remedy implementation date cannot be before the recommendation response date or the recommendation creation date). Another example would be the possibility of automatic periodic followup (e.g. every 1 month until completion).
We have used a shared hosted tenant managed by OneTrust for over three years with only one instance of a lengthy (4+ hours) unexpected outage which happened years ago.
We selected a European hosting location based on our initial use case, however, our usage of the OneTrust platform has expanded globally to where the majority of users sit in the Americas or Asia-Pacific regions. There is a noticeable lag when navigating the platform for users located far away from the hosting location.
As a user, you can mitigate any sluggish response time by the aggressive use of multiple browser tabs. I commonly have one tab open on an Inventory detail screen, another tab on an Assessment window, and maybe another tab on a customized inventory list screen. If one tab is slow I hop to another tab and work on that tab while the first tab responds.
Both our customer rights access and cookie consent advisors were responsive and helpful in getting us trained on using the platform and the various assets implemented on our website. We had multiple training sessions that were more than enough in getting all of the users on our team familiar with what we needed to do.
An implementation specialist worked with us remotely during our initial deployment. Due to the diverse geographic locations of my organization's participants, the implementation and training had to be done remotely (this was before COVID-driven remote work).
The implementation specialist was knowledgeable and helpful but to really get full benefit from the platform I encourage organizations to dedicate a specialist within your company to really study and learn the platform.
Wasn't personally involved in the vendor selection process. I am aware that one of the main drivers for selecting BWise was cost (I believe BWise total project cost was several times lower than MetricStream's).
The platform has exceptional capabilities to customize the user interface, reports, and recorded information. In most cases, the customization can be compartmentalized so that if the customization performed for Department A is determined to not impact Department B, the customization can be hidden from Department B.
We have four different departments using the IT Risk Management module. Three departments share their work in what we call the 'shared data risk management zone'. Another department is using IT Risk Management for a bespoke portfolio risk management task, and the customization for this department is largely hidden from the other departments.